Lucene search

K

88 matches found

CVE
CVE
added 2019/08/13 9:15 p.m.5677 views

CVE-2019-9513

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.

7.8CVSS7.7AI score0.06395EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.5217 views

CVE-2019-9517

Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the byt...

7.8CVSS7.7AI score0.01585EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.3720 views

CVE-2019-9511

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to...

7.8CVSS6.8AI score0.19992EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.2969 views

CVE-2019-9516

Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for ...

7.5CVSS7.3AI score0.03292EPSS
CVE
CVE
added 2019/08/15 10:15 p.m.1789 views

CVE-2019-10081

HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.

7.5CVSS8.1AI score0.12985EPSS
CVE
CVE
added 2019/08/01 2:15 p.m.1138 views

CVE-2019-0193

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging...

9CVSS6.8AI score0.9325EPSS
CVE
CVE
added 2019/08/01 9:15 p.m.1075 views

CVE-2019-14513

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.

7.5CVSS8.7AI score0.39886EPSS
CVE
CVE
added 2019/08/20 9:15 p.m.831 views

CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

7.5CVSS7.3AI score0.00321EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.750 views

CVE-2019-9514

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STR...

7.8CVSS7.9AI score0.03912EPSS
CVE
CVE
added 2019/08/09 8:15 p.m.718 views

CVE-2019-11042

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to informatio...

7.1CVSS7.2AI score0.02943EPSS
CVE
CVE
added 2019/08/09 8:15 p.m.699 views

CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to informatio...

7.1CVSS7.2AI score0.02943EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.688 views

CVE-2019-9512

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memor...

7.8CVSS7.8AI score0.16257EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.514 views

CVE-2019-9518

Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends tim...

7.8CVSS7.7AI score0.01631EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.482 views

CVE-2019-9515

Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalen...

7.8CVSS7.7AI score0.04513EPSS
CVE
CVE
added 2019/08/23 6:15 a.m.453 views

CVE-2019-15505

drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).

10CVSS9AI score0.00703EPSS
CVE
CVE
added 2019/08/14 5:15 p.m.452 views

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary cipher...

8.1CVSS8.4AI score0.02941EPSS
CVE
CVE
added 2019/08/20 8:15 a.m.441 views

CVE-2019-15239

In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specif...

7.8CVSS7.9AI score0.00033EPSS
CVE
CVE
added 2019/08/27 5:15 a.m.414 views

CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.

4.9CVSS6AI score0.05021EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.413 views

CVE-2019-15221

An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.

4.9CVSS6AI score0.00157EPSS
CVE
CVE
added 2019/08/25 4:15 p.m.386 views

CVE-2019-15538

An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a...

7.8CVSS7.9AI score0.13455EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.384 views

CVE-2019-15220

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

4.9CVSS6AI score0.00088EPSS
CVE
CVE
added 2019/08/21 6:15 a.m.371 views

CVE-2019-15292

An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.

10CVSS6AI score0.00953EPSS
CVE
CVE
added 2019/08/15 10:15 p.m.361 views

CVE-2019-9850

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on variou...

9.8CVSS9.2AI score0.85073EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.360 views

CVE-2019-15217

An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.

4.9CVSS6.1AI score0.00065EPSS
CVE
CVE
added 2019/08/01 5:15 p.m.350 views

CVE-2019-14494

An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.

7.5CVSS7.3AI score0.00507EPSS
CVE
CVE
added 2019/08/16 4:15 p.m.331 views

CVE-2019-5477

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizer#load_file is being called with unsafe user input as the filename. This vu...

9.8CVSS9.4AI score0.01265EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.322 views

CVE-2019-14809

net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an a...

9.8CVSS8.2AI score0.02727EPSS
CVE
CVE
added 2019/08/15 10:15 p.m.322 views

CVE-2019-9852

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice insta...

7.8CVSS8.9AI score0.92372EPSS
CVE
CVE
added 2019/08/14 6:15 a.m.320 views

CVE-2019-14973

_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.

6.5CVSS7.3AI score0.00968EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.316 views

CVE-2019-15219

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.

4.9CVSS5.9AI score0.00099EPSS
CVE
CVE
added 2019/08/15 10:15 p.m.314 views

CVE-2019-9851

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, ...

9.8CVSS9.1AI score0.85073EPSS
CVE
CVE
added 2019/08/17 6:15 p.m.310 views

CVE-2019-15133

In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.

6.5CVSS6.4AI score0.00151EPSS
CVE
CVE
added 2019/08/16 2:15 a.m.306 views

CVE-2019-15098

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

4.9CVSS6.2AI score0.00166EPSS
CVE
CVE
added 2019/08/16 2:15 p.m.295 views

CVE-2019-15118

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.

5.5CVSS6.5AI score0.00136EPSS
CVE
CVE
added 2019/08/29 6:15 p.m.284 views

CVE-2019-15807

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.

4.7CVSS5.9AI score0.00071EPSS
CVE
CVE
added 2019/08/29 2:15 p.m.283 views

CVE-2019-11500

In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.

9.8CVSS7.7AI score0.28466EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.282 views

CVE-2019-15216

An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

4.9CVSS6AI score0.00109EPSS
CVE
CVE
added 2019/08/17 6:15 p.m.281 views

CVE-2019-15132

Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of ...

5.3CVSS5.8AI score0.00412EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.279 views

CVE-2019-15218

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

4.9CVSS6.1AI score0.00096EPSS
CVE
CVE
added 2019/08/07 3:15 p.m.261 views

CVE-2019-14744

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop ...

7.8CVSS7.6AI score0.01082EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.261 views

CVE-2019-15212

An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.

4.9CVSS5.9AI score0.00108EPSS
CVE
CVE
added 2019/08/12 11:15 p.m.247 views

CVE-2019-14981

In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.

6.5CVSS7.2AI score0.00653EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.245 views

CVE-2019-15211

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.

4.9CVSS6AI score0.00111EPSS
CVE
CVE
added 2019/08/13 2:15 p.m.237 views

CVE-2017-18509

An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue...

7.8CVSS7.7AI score0.0006EPSS
CVE
CVE
added 2019/08/09 1:15 p.m.237 views

CVE-2019-14234

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQ...

9.8CVSS7.9AI score0.20732EPSS
CVE
CVE
added 2019/08/19 10:15 p.m.232 views

CVE-2019-15215

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.

4.9CVSS6AI score0.00111EPSS
CVE
CVE
added 2019/08/15 5:15 p.m.219 views

CVE-2019-12854

Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.

7.5CVSS8.1AI score0.60533EPSS
CVE
CVE
added 2019/08/15 5:15 p.m.197 views

CVE-2019-13377

The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel a...

5.9CVSS6.2AI score0.00925EPSS
CVE
CVE
added 2019/08/29 6:15 p.m.172 views

CVE-2019-14437

The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.

7.8CVSS8.3AI score0.00261EPSS
CVE
CVE
added 2019/08/29 6:15 p.m.170 views

CVE-2019-14438

A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.

7.8CVSS8.2AI score0.00263EPSS
Total number of security vulnerabilities88